<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "DTD/xhtml1-strict.dtd">
<!-- saved from url=(0089)https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html -->
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Nessus Report</title><script type="text/javascript" src="./Nessus Agent AN_files/jquery.js"></script><script type="text/javascript" src="./Nessus Agent AN_files/jquery.tablesorter.min.js"></script><style type="text/css" media="all">
/* CSS Document */


/* zero out */
        html {
                margin:0;
                padding:0;
        background: url(/bgHTML.png) repeat top center;
                }

/* basic formatting */
        body {
                margin:0;
                padding:0;
                background: url(/bgRptBody.png) repeat-x top center;
                color: #69737b;
                font-family:"Trebuchet MS", Arial, Helvetica, sans-serif;
                border-top: #000 solid 1px;
                }

/* container formatting */              
        #container {
                position: relative;
                }
                
        .container_16 {
                margin-left:auto;
                margin-right:auto;
                width:960px;
                }
        
/* header formatting */
        #reportHeader {
                background-color:#234e67;
                height:43px;
                width:940px;
                margin-left:auto;
                margin-right:auto;
                margin-top:50px;
                }
                
        .reportHeaderLogo {
                background: url(/NessusLogoScreen.png) no-repeat left top;
                }
                
                .reportHeaderLogo a {
                        text-decoration: none;
                        text-transform:uppercase;
                        font: 10px/12px Arial, Helvetica, sans-serif;
                        color:#7ea5bd;
                        font-stretch:ultra-expanded;
                        }
                                
                .reportHeaderLogo a.active {
                        color:#FFF;
                        }
                
                .reportHeaderLogo ul {
                        list-style: outside none outside;
                        margin: 10px 0;
                        float:right;
                       }
                        
                .reportHeaderLogo li {
                        border-left: 2px solid #427796;
                        display:inline;
                        margin: 0 10px;
                        padding: 0 20px;
                        }
                        
                .reportHeaderLogo ul li:first-child  {
                        border-left:0 none;
                        padding:0;
                        }
                        
/* main content of page */
        #reportContent {
                background: #FFF;
                width:920px;
                height:auto;
                margin:10px auto;
                padding: 0 10px 10px 10px;
                box-shadow: inset #d8d8d8;
                }

/* table intro header and text */
        #tableTitle {
                margin-top:.2em;
        }
                
                #tableTitle h1 {
                        color: #ffc923;
                        font: bold 24px/30px 'Trebuchet MS', sans-serif;
                        margin-bottom:.2em;
                        float:left;
                        }
                        
                #tableTitle p {
                        font:bold 12px/14px Arial, Helvetica, sans-serif;
                        color:#053958;
                        margin-top:.1em;
                        }
        
/* span balances print link with H1 */          
        #tableTitle span {
                float:left;
                width:100%;
                }
                        
                #tableTitle span p{
                        float:right;
                        margin:2em 3.4em 0 0;
                        width:1.5em;
                }
                
                #tableTitle span a {
                        color:#244e67;
                        font:bold 10px/12px Arial, Helvetica, sans-serif;
                        text-transform:uppercase;
                }
        
/* table + cell formatting */
        table {
                font: bold 12px/14px Arial, Helvetica, sans-serif;
                color:#053958;
      width:100%;
                border-collapse:collapse;
                }
                
                table tr th, table tr td {
                        text-align:left;
                        height:25px;
                        margin-top:5px;
                        padding: 0 10px;
                        }

                table th {
                        background:#053958;
                        color:#FC3;
                        text-transform:uppercase;
                        cursor: pointer;
                        }
                        
                table tr td a {
                        color:#053958;
                        }
                                                
                table tr td a.visited {
                        color:#8c8c8c;
                        }
                
                table tr.odd {
                        background:#eef2f3;
                        }
                
                table tr td.high {
                        color:#c51010;
                        }
                        
                table tr td.med {
                        color:#e3801c;
                        }
                        
                table tr td.low {
                        color:#427796;
                        }
                        
                table tr td span.less {
                        font-weight:normal;
                        }
                table tr td span.grey {
                        color:#69737b;
                        }
                        
/*      sortable table th css 
        table#Overview th.header {
                background:url(arrowNot.png) #053958 no-repeat center left;
                color:#FC3;
                text-transform:uppercase;
                }
                
                table#Overview th.headerSortUp {
                        background:url(arrowUp.png) #053958 no-repeat center left;
                        }
                        
                table#Overview th.headerSortDown {
                        background:url(arrowDown.png) #053958 no-repeat center left;
                        }*/

    div#overview, div#portGeneral, div#portGenExpanded, div#portSpecific {
                margin-bottom:50px;
                }
                
        div#portSpecific table tr td:first-child {
                width:150px;
                }
                                        
        div#portSpecific table tr td {
                font: bold 14px/16px Arial, Helvetica, sans-serif;
                }
                
                
        a.return {
                text-decoration:underline;
                text-transform:uppercase;
                font: 10px/12px Arial, Helvetica, sans-serif;
                color:#527a90;
                float:right;
                padding-top:10px;
                }
                
                
/* port general, port general expanded - nontabular */
        div#portGeneral, div#portGenExpanded {
                background-color:#eef2f3;
                font: bold 14px/16px Arial, Helvetica, sans-serif;
                color:#053958;
                }
                
                div#portGeneral div.inner, div#portGenExpanded div.inner {
                        padding:10px;
                        }
                
                div#portGeneral div.inner p:first-child, div#portGenExpanded div.inner div p {
                        margin-top:0;
                        }
                        
                div#portGenExpanded div.inner div p.fc {
                        float:left; 
                        width:250px; 
                        display:inline;
                        }
                
                div#portGeneral h2, div#portGenExpanded h2 {
                        background:#053958;
                        color:#FC3;
                        font:bold 12px/14px Arial,Helvetica,sans-serif;
                        text-transform:uppercase;
                        cursor: pointer;
                        padding: 0 10px;
                        line-height:25px;
                        }
                        
                div#portGeneral div.inner a, div#portGenExpanded div.inner a {
                        color:#053958;
                        }
                        
                div#portGeneral a.visited, div#portGenExpanded div.inner a.visited {
                        color:#8c8c8c;
                        }
                        
                div#portGeneral p {
:
                     line-height:1.3em;
                        margin-bottom:.1em;
                        }
                        
                div#portGeneral p.high, div#portGenExpanded p.high {
                        color:#c51010;
                        }
                        
                div#portGeneral p.med, div#portGenExpanded p.med {
                        color:#e3801c;
                        }
                        
                div#portGeneral p.low, div#portGenExpanded p.low {
                        color:#427796;
                        }
                        
                div#portGeneral span.less, div#portGenExpanded span.less {
                        font-weight:normal;
                        }
                div#portGeneral span.grey, div#portGenExpanded span.grey {
                        color:#69737b;
                        }
                
                div#portGenExpanded p {
                        line-height:1.5em;
                        margin-bottom:.1em;
                        }
                
                div#portGenExpanded ul {
                        list-style-type:none; 
                        padding-left:0; 
                        padding-top:0; 
                        line-height:1.5em;
                        font-weight:normal;
                        }
                        
                div#portGeneral hr, div#portGenExpanded hr {
                        margin-bottom:1.2em;
                        line-height:1em;
                        border:#d2d9db solid 1px;
                        }
                        
                div#portGeneral hr.blue, div#portGenExpanded hr.blue {
                        border:solid 1px #7ea5bd;
                        }
                div#portGeneral span a, div#portGenExpanded span a {
                        line-height:20px;
                        }
                        
                pre {
                        color:#69737b;font-weight:normal;
                        font-family:Arial, Helvetica, sans-serif;
                        }
  </style>
 </head>
<body>
<div class="container_16" id="container">
  <div id="reportHeader" class="reportHeaderLogo">
    <ul class="header"></ul></div>
    <div id="reportContent">
      <div id="tableTitle">
        <span><h1>List of PlugIn IDs</h1><p><a href="JavaScript:window.print();" title="print">&gt;print</a></p></span><br clear="all">
        <p>The following plugin IDs have problems associated with them. Select the ID to review more detail.</p></div>
        <div id="overview">
          <table id="Overview">
            <thead><tr><th class="header">Plugin id#<img src="./Nessus Agent AN_files/arrow.png" alt="arrow"></th><th class="header headerSortUp"># of issues<img src="./Nessus Agent AN_files/arrow.png" alt="arrow"></th><th class="header headerSortUp">Plugin name<img src="./Nessus Agent AN_files/arrow.png" alt="arrow"></th><th class="header headerSortDown">Severity<img src="./Nessus Agent AN_files/arrow.png" alt="arrow"></th></tr>
</thead>
<tbody><tr xmlns="" class="even">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#34477">34477</a></td>
<td>1</td>
<td class="plugInName">MS08-067: Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644) (uncredentialed check)</td>
<td class="high">High Severity problem(s) found</td>
</tr><tr xmlns="" class="odd">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#22034">22034</a></td>
<td>1</td>
<td class="plugInName">MS06-035: Vulnerability in Server Service Could Allow Remote Code Execution (917159) (uncredentialed check)</td>
<td class="high">High Severity problem(s) found</td>
</tr><tr xmlns="" class="even">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#18502">18502</a></td>
<td>1</td>
<td class="plugInName">MS05-027: Vulnerability in SMB Could Allow Remote Code Execution (896422) (uncredentialed check)</td>
<td class="high">High Severity problem(s) found</td>
</tr><tr xmlns="" class="odd">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#11011">11011</a></td>
<td>2</td>
<td class="plugInName">SMB Service Detection</td>
<td class="low">Low Severity problem(s) found</td>
</tr><tr xmlns="" class="even">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#26920">26920</a></td>
<td>1</td>
<td class="plugInName">Windows SMB NULL Session Authentication</td>
<td class="low">Low Severity problem(s) found</td>
</tr><tr xmlns="" class="odd">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#10150">10150</a></td>
<td>1</td>
<td class="plugInName">Windows NetBIOS / SMB Remote Host Information Disclosure</td>
<td class="low">Low Severity problem(s) found</td>
</tr><tr xmlns="" class="even">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#20094">20094</a></td>
<td>1</td>
<td class="plugInName">VMware Virtual Machine Detection</td>
<td class="low">Low Severity problem(s) found</td>
</tr><tr xmlns="" class="odd">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#25220">25220</a></td>
<td>1</td>
<td class="plugInName">TCP/IP Timestamps Supported</td>
<td class="low">Low Severity problem(s) found</td>
</tr><tr xmlns="" class="even">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#26917">26917</a></td>
<td>1</td>
<td class="plugInName">SMB Registry : Nessus Cannot Access the Windows Registry</td>
<td class="low">Low Severity problem(s) found</td>
</tr><tr xmlns="" class="odd">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#10785">10785</a></td>
<td>1</td>
<td class="plugInName">SMB NativeLanManager Remote System Information Disclosure</td>
<td class="low">Low Severity problem(s) found</td>
</tr><tr xmlns="" class="even">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#10394">10394</a></td>
<td>1</td>
<td class="plugInName">SMB Log In Possible</td>
<td class="low">Low Severity problem(s) found</td>
</tr><tr xmlns="" class="odd">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#10397">10397</a></td>
<td>1</td>
<td class="plugInName">SMB LanMan Pipe Server Listing Disclosure</td>
<td class="low">Low Severity problem(s) found</td>
</tr><tr xmlns="" class="even">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#11936">11936</a></td>
<td>1</td>
<td class="plugInName">OS Identification</td>
<td class="low">Low Severity problem(s) found</td>
</tr><tr xmlns="" class="odd">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#19506">19506</a></td>
<td>1</td>
<td class="plugInName">Nessus Scan Information</td>
<td class="low">Low Severity problem(s) found</td>
</tr><tr xmlns="" class="even">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#35716">35716</a></td>
<td>1</td>
<td class="plugInName">Ethernet card brand</td>
<td class="low">Low Severity problem(s) found</td>
</tr><tr xmlns="" class="odd">
<td><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#45590">45590</a></td>
<td>1</td>
<td class="plugInName">Common Platform Enumeration (CPE)</td>
<td class="low">Low Severity problem(s) found</td>
</tr></tbody></table></div>
<div id="portGeneral"><a name="10785"></a><h2>Port cifs (445/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=10785">10785</a></p>
<p>SMB NativeLanManager Remote System Information Disclosure</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">It is possible to obtain information about the remote operating
system.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
</span></p><p><span style="whitespace:no-wrap;" class="pluginOutput">Plugin Output<br></span>
<span class="less grey">The remote Operating System is : Windows 5.1<br>
The remote native lan manager is : Windows 2000 LAN Manager<br>
The remote SMB Domain Name is : IT-42DA1231234<br>
</span></p>
<br><p></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">It is possible to get the remote operating system name and<br>
version (Windows and/or Samba) by sending an authentication<br>
request to port 139 or 445.</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">n/a</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">None</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Plugin publication date: <span class="less grey">2001/10/17</span><br>
</div>
<a name="25220"></a><h2>Port (0/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=25220">25220</a></p>
<p>TCP/IP Timestamps Supported</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">The remote service implements TCP timestamps.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
<br></span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">The remote host implements TCP timestamps, as defined by RFC1323.  A<br>
side effect of this feature is that the uptime of the remote host can<br>
sometimes be computed.</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">n/a</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>See also<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://www.ietf.org/rfc/rfc1323.txt">http://www.ietf.org/rfc/rfc1323.txt</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">None</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Plugin publication date: <span class="less grey">2007/05/16</span><br>
Plugin last modification date: <span class="less grey">2010/03/22</span><br>
</div>
<a name="19506"></a><h2>Port (0/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=19506">19506</a></p>
<p>Nessus Scan Information</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">Information about the Nessus scan.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
</span></p><p><span style="whitespace:no-wrap;" class="pluginOutput">Plugin Output<br></span>
<span class="less grey">Information about this scan : <br>
<br>
Nessus version : 4.4.0<br>
Plugin feed version : 201102260034<br>
Type of plugin feed : HomeFeed (Non-commercial use only)<br>
<br>
ERROR: Your plugin feed has not been updated since 2011/2/26<br>
Performing a scan with an older plugin set will yield out of date results and<br>
produce an incomplete audit. Please run nessus-update-plugins to get the<br>
newest vulnerability checks from Nessus.org.<br>
<br>
Scanner IP : 172.16.30.5<br>
Port scanner(s) : nessus_tcp_scanner nessus_syn_scanner <br>
Port range : default<br>
Thorough tests : no<br>
Experimental tests : no<br>
Paranoia level : 1<br>
Report Verbosity : 1<br>
Safe checks : yes<br>
Optimize the test : yes<br>
CGI scanning : disabled<br>
Web application tests : disabled<br>
Max hosts : 100<br>
Max checks : 5<br>
Recv timeout : 5<br>
Backports : None<br>
Scan Start Date : 2011/5/21 15:09<br>
Scan duration : 289 sec<br>
</span></p>
<br><p></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">This script displays, for each tested host, information about the scan itself:<br>
<br>
 - The version of the plugin set<br>
 - The type of plugin feed (HomeFeed or ProfessionalFeed)<br>
 - The version of the Nessus Engine<br>
 - The port scanner(s) used<br>
 - The port range scanned<br>
 - The date of the scan<br>
 - The duration of the scan<br>
 - The number of hosts scanned in parallel<br>
 - The number of checks done in parallel</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">n/a</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">None</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Plugin publication date: <span class="less grey">2005/08/26</span><br>
Plugin last modification date: <span class="less grey">2010/11/11</span><br>
</div>
<a name="26917"></a><h2>Port cifs (445/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=26917">26917</a></p>
<p>SMB Registry : Nessus Cannot Access the Windows Registry</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">Nessus is not able to access the remote Windows Registry.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
</span></p><p><span style="whitespace:no-wrap;" class="pluginOutput">Plugin Output<br></span>
<span class="less grey">Could not connect to the registry because:<br>
Could not connect to \winreg</span></p>
<br><p></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">It was not possible to connect to PIPE\winreg on the remote host.<br>
<br>
If you intend to use Nessus to perform registry-based checks, the<br>
registry checks will not work because the 'Remote Registry Access'<br>
service (winreg) has been disabled on the remote host or can not be<br>
connected to with the supplied credentials.</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">n/a</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">None</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Plugin publication date: <span class="less grey">2007/10/04</span><br>
Plugin last modification date: <span class="less grey">2010/09/22</span><br>
</div>
<a name="18502"></a><h2>Port cifs (445/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=18502">18502</a></p>
<p>MS05-027: Vulnerability in SMB Could Allow Remote Code Execution (896422) (uncredentialed check)</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">Arbitrary code can be executed on the remote host due to a flaw in the
SMB implementation.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
<br></span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">The remote version of Windows contains a flaw in the Server Message<br>
Block (SMB) implementation that may allow an attacker to execute<br>
arbitrary code on the remote host. <br>
<br>
An attacker does not need to be authenticated to exploit this flaw.</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">Microsoft has released a set of patches for Windows 2000, XP and<br>
2003 :<br>
<br>
http://www.microsoft.com/technet/security/bulletin/ms05-027.mspx</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">Critical/ CVSS Base Score: 10.0<br>
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>CVE<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1206">CVE-2005-1206</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Bugtraq ID<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://www.securityfocus.com/bid/13942">13942</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Other references<br>
IAVA:2005-t-0019<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://osvdb.org/show/osvdb/17308">OSVDB:17308</a><br>
MSFT:MS05-027<br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Vulnerability publication date: <span class="less grey">2005/06/15</span><br>
Patch publication date: <span class="less grey">2005/06/14</span><br>
Plugin publication date: <span class="less grey">2005/06/16</span><br>
Plugin last modification date: <span class="less grey">2011/01/04</span><br>
Ease of exploitability: <span class="less grey">Exploits are available</span><br>
Exploitable with: <span class="less grey">Core Impact</span><br>
</div>
<a name="10150"></a><h2>Port netbios-ns (137/udp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=10150">10150</a></p>
<p>Windows NetBIOS / SMB Remote Host Information Disclosure</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">It is possible to obtain the network name of the remote host.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
</span></p><p><span style="whitespace:no-wrap;" class="pluginOutput">Plugin Output<br></span>
<span class="less grey">The following 4 NetBIOS names have been gathered :<br>
<br>
 IT-42DA1231234   = Computer name<br>
 WORKGROUP        = Workgroup / Domain name<br>
 IT-42DA1231234   = File Server Service<br>
 WORKGROUP        = Browser Service Elections<br>
<br>
The remote host has the following MAC address on its adapter :<br>
   00:0c:29:4e:db:5f</span></p>
<br><p></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">The remote host listens on UDP port 137 or TCP port 445 and replies to <br>
NetBIOS nbtscan or SMB requests.<br>
<br>
Note that this plugin gathers information to be used in other plugins<br>
but does not itself generate a report.</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">n/a</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">None</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Plugin publication date: <span class="less grey">1999/10/12</span><br>
Plugin last modification date: <span class="less grey">2010/07/14</span><br>
</div>
<a name="11936"></a><h2>Port (0/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=11936">11936</a></p>
<p>OS Identification</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">It is possible to guess the remote operating system</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
</span></p><p><span style="whitespace:no-wrap;" class="pluginOutput">Plugin Output<br></span>
<span class="less grey"><br>
Remote operating system : Microsoft Windows XP Service Pack 2<br>
Microsoft Windows XP Service Pack 3<br>
Confidence Level : 99<br>
Method : MSRPC<br>
<br>
 <br>
The remote host is running one of these operating systems : <br>
Microsoft Windows XP Service Pack 2<br>
Microsoft Windows XP Service Pack 3</span></p>
<br><p></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">Using a combination of remote probes (TCP/IP, SMB, HTTP, NTP, SNMP, etc...) <br>
it is possible to guess the name of the remote operating system in use, and<br>
sometimes its version</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">N/A</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">None</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Plugin publication date: <span class="less grey">2003/12/09</span><br>
Plugin last modification date: <span class="less grey">2011/02/21</span><br>
</div>
<a name="11011"></a><h2>Port cifs (445/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=11011">11011</a></p>
<p>SMB Service Detection</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">A file / print sharing service is listening on the remote host.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
</span></p><p><span style="whitespace:no-wrap;" class="pluginOutput">Plugin Output<br></span>
<span class="less grey"><br>
A CIFS server is running on this port.<br>
</span></p>
<br><p></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">The remote service understands the CIFS (Common Internet File System)<br>
or Server Message Block (SMB) protocol, used to provide shared access<br>
to files, printers, etc between nodes on a network.</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">n/a</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">None</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Plugin publication date: <span class="less grey">2002/06/05</span><br>
</div>
<a name="11011"></a><h2>Port smb (139/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=11011">11011</a></p>
<p>SMB Service Detection</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">A file / print sharing service is listening on the remote host.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
</span></p><p><span style="whitespace:no-wrap;" class="pluginOutput">Plugin Output<br></span>
<span class="less grey"><br>
An SMB server is running on this port.<br>
</span></p>
<br><p></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">The remote service understands the CIFS (Common Internet File System)<br>
or Server Message Block (SMB) protocol, used to provide shared access<br>
to files, printers, etc between nodes on a network.</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">n/a</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">None</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Plugin publication date: <span class="less grey">2002/06/05</span><br>
</div>
<a name="35716"></a><h2>Port (0/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=35716">35716</a></p>
<p>Ethernet card brand</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">The manufacturer can be deduced from the Ethernet OUI.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
</span></p><p><span style="whitespace:no-wrap;" class="pluginOutput">Plugin Output<br></span>
<span class="less grey"><br>
The following card manufacturers were identified :<br>
<br>
00:0c:29:4e:db:5f : VMware, Inc.<br>
</span></p>
<br><p></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">Each ethernet MAC address starts with a 24-bit 'Organizationally <br>
Unique Identifier'.<br>
These OUI are registered by IEEE.</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">n/a</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>See also<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://standards.ieee.org/faqs/OUI.html">http://standards.ieee.org/faqs/OUI.html</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://standards.ieee.org/regauth/oui/index.shtml">http://standards.ieee.org/regauth/oui/index.shtml</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">None</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Plugin publication date: <span class="less grey">2009/02/19</span><br>
Plugin last modification date: <span class="less grey">2010/10/26</span><br>
</div>
<a name="26920"></a><h2>Port cifs (445/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=26920">26920</a></p>
<p>Windows SMB NULL Session Authentication</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">It is possible to log into the remote Windows host with a NULL
session.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
<br></span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">The remote host is running Microsoft Windows, and it was possible to<br>
log into it using a NULL session (i.e., with no login or password).  An<br>
unauthenticated remote attacker can leverage this issue to get<br>
information about the remote host.</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">n/a</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>See also<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://support.microsoft.com/kb/q143474/">http://support.microsoft.com/kb/q143474/</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://support.microsoft.com/kb/q246261/">http://support.microsoft.com/kb/q246261/</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">None</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>CVE<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0519">CVE-1999-0519</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0520">CVE-1999-0520</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1117">CVE-2002-1117</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Bugtraq ID<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://www.securityfocus.com/bid/494">494</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Other references<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://osvdb.org/show/osvdb/299">OSVDB:299</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Vulnerability publication date: <span class="less grey">1999/07/14</span><br>
Plugin publication date: <span class="less grey">2007/10/04</span><br>
Plugin last modification date: <span class="less grey">2010/10/06</span><br>
Ease of exploitability: <span class="less grey">No known exploits are available</span><br>
</div>
<a name="45590"></a><h2>Port (0/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=45590">45590</a></p>
<p>Common Platform Enumeration (CPE)</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">It is possible to enumerate CPE names that matched on the remote
system.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
</span></p><p><span style="whitespace:no-wrap;" class="pluginOutput">Plugin Output<br></span>
<span class="less grey"><br>
The remote operating system matched the following CPEs : <br>
<br>
  cpe:/o:microsoft:windows_xp::sp2 -&gt; Microsoft Windows XP Service Pack 2<br>
  cpe:/o:microsoft:windows_xp::sp3 -&gt; Microsoft Windows XP Service Pack 3<br>
</span></p>
<br><p></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">By using information obtained from a Nessus scan, this plugin reports<br>
CPE (Common Platform Enumeration) matches for various hardware and<br>
software products found on a host.  <br>
<br>
Note that if an official CPE is not available for the product, this<br>
plugin computes the best possible CPE based on the information<br>
available from the scan.</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">n/a</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>See also<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://cpe.mitre.org/">http://cpe.mitre.org/</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">None</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Plugin publication date: <span class="less grey">2010/04/21</span><br>
Plugin last modification date: <span class="less grey">2010/04/21</span><br>
</div>
<a name="34477"></a><h2>Port (0/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=34477">34477</a></p>
<p>MS08-067: Microsoft Windows Server Service Crafted RPC Request Handling Remote Code Execution (958644) (uncredentialed check)</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">Arbitrary code can be executed on the remote host due to a flaw in the
'Server' service.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
<br></span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">The remote host is vulnerable to a buffer overrun in the 'Server'<br>
service that may allow an attacker to execute arbitrary code on the<br>
remote host with the 'System' privileges.</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">Microsoft has released a set of patches for Windows 2000, XP, 2003,<br>
Vista and 2008 :<br>
<br>
http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">Critical/ CVSS Base Score: 10.0<br>
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)<br>CVSS Temporal Score: 8.7(CVSS2#E:H/RL:OF/RC:C)</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>CVE<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4250">CVE-2008-4250</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Bugtraq ID<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://www.securityfocus.com/bid/31874">31874</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Other references<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://osvdb.org/show/osvdb/49243">OSVDB:49243</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://cwe.mitre.org/data/definitions/94.html">CWE:94</a><br>
MSFT:MS08-067<br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Plugin publication date: <span class="less grey">2008/10/23</span><br>
Plugin last modification date: <span class="less grey">2011/01/04</span><br>
Ease of exploitability: <span class="less grey">Exploits are available</span><br>
Exploitable with: <span class="less grey">Canvas (CANVAS), Core Impact, Metasploit (Microsoft Server Service Relative Path Stack Corruption)</span><br>
</div>
<a name="22034"></a><h2>Port cifs (445/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=22034">22034</a></p>
<p>MS06-035: Vulnerability in Server Service Could Allow Remote Code Execution (917159) (uncredentialed check)</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">Arbitrary code can be executed on the remote host due to a flaw in the
'Server' service.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
<br></span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">The remote host is vulnerable to heap overflow in the 'Server' service<br>
that may allow an attacker to execute arbitrary code on the remote<br>
host with 'SYSTEM' privileges. <br>
<br>
In addition to this, the remote host is also affected by an<br>
information disclosure vulnerability in SMB that may allow an attacker<br>
to obtain portions of the memory of the remote host.</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">Microsoft has released a set of patches for Windows 2000, XP and<br>
2003 :<br>
<br>
http://www.microsoft.com/technet/security/bulletin/ms06-035.mspx</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">High/ CVSS Base Score: 7.5<br>
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)<br>CVSS Temporal Score: 6.2(CVSS2#E:F/RL:OF/RC:C)</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>CVE<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-1314">CVE-2006-1314</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-1315">CVE-2006-1315</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Bugtraq ID<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://www.securityfocus.com/bid/18863">18863</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://www.securityfocus.com/bid/18891">18891</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Other references<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://osvdb.org/show/osvdb/27154">OSVDB:27154</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://osvdb.org/show/osvdb/27155">OSVDB:27155</a><br>
MSFT:MS06-035<br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Vulnerability publication date: <span class="less grey">2006/07/12</span><br>
Patch publication date: <span class="less grey">2006/07/11</span><br>
Plugin publication date: <span class="less grey">2006/07/12</span><br>
Plugin last modification date: <span class="less grey">2011/01/04</span><br>
Ease of exploitability: <span class="less grey">Exploits are available</span><br>
Exploitable with: <span class="less grey">Core Impact</span><br>
</div>
<a name="20094"></a><h2>Port (0/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=20094">20094</a></p>
<p>VMware Virtual Machine Detection</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">The remote host seems to be a VMware virtual machine.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
<br></span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">According to the MAC address of its network adapter, the remote host<br>
is a VMware virtual machine. <br>
<br>
Since it is physically accessible through the network, ensure that its<br>
configuration matches your organization's security policy.</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">n/a</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">None</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Plugin publication date: <span class="less grey">2005/10/27</span><br>
Plugin last modification date: <span class="less grey">2010/07/21</span><br>
</div>
<a name="10394"></a><h2>Port cifs (445/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=10394">10394</a></p>
<p>SMB Log In Possible</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">It is possible to log into the remote host.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
</span></p><p><span style="whitespace:no-wrap;" class="pluginOutput">Plugin Output<br></span>
<span class="less grey">- NULL sessions are enabled on the remote host<br>
</span></p>
<br><p></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">The remote host is running Microsoft Windows operating<br>
system or Samba, a CIFS/SMB server for Unix.  It was <br>
possible to log into it using one of the following <br>
account :<br>
<br>
- NULL session<br>
- Guest account<br>
- Given Credentials</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">n/a</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>See also<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://support.microsoft.com/support/kb/articles/Q143/4/74.ASP">http://support.microsoft.com/support/kb/articles/Q143/4/74.ASP</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://support.microsoft.com/support/kb/articles/Q246/2/61.ASP">http://support.microsoft.com/support/kb/articles/Q246/2/61.ASP</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">None</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>CVE<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0504">CVE-1999-0504</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0505">CVE-1999-0505</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-0506">CVE-1999-0506</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2000-0222">CVE-2000-0222</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1117">CVE-2002-1117</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3595">CVE-2005-3595</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Bugtraq ID<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://www.securityfocus.com/bid/494">494</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://www.securityfocus.com/bid/990">990</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://www.securityfocus.com/bid/11199">11199</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Other references<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://osvdb.org/show/osvdb/297">OSVDB:297</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://osvdb.org/show/osvdb/3106">OSVDB:3106</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://osvdb.org/show/osvdb/8230">OSVDB:8230</a><br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://osvdb.org/show/osvdb/10050">OSVDB:10050</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Vulnerability publication date: <span class="less grey">1999/01/01</span><br>
Plugin publication date: <span class="less grey">2000/05/09</span><br>
Plugin last modification date: <span class="less grey">2011/02/25</span><br>
Ease of exploitability: <span class="less grey">Exploits are available</span><br>
Exploitable with: <span class="less grey">Metasploit (Microsoft Windows Authenticated User Code Execution)</span><br>
</div>
<a name="10397"></a><h2>Port cifs (445/tcp)</h2><div xmlns="" class="inner">
<p><span class="less">Plugin ID: </span><a xmlns="http://www.w3.org/1999/xhtml" href="http://www.nessus.org/plugins/index.php?view=single&id=10397">10397</a></p>
<p>SMB LanMan Pipe Server Listing Disclosure</p>
<hr class="blue">
<p>Synopsis<br>
<span class="less grey">It is possible to obtain network information.</span></p>
<p>List of Hosts<br><span class="less">
<br><a xmlns="http://www.w3.org/1999/xhtml" href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#172.16.20.89">172.16.20.89</a><br>
</span></p><p><span style="whitespace:no-wrap;" class="pluginOutput">Plugin Output<br></span>
<span class="less grey"><br>
Here is the browse list of the remote host : <br>
<br>
IT-42DA1231234 ( os : 5.1 )<br>
IT-42DA17A77991 ( os : 5.1 )<br>
</span></p>
<br><p></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Description<br><span class="less grey">It was possible to obtain the browse list of the remote Windows system<br>
by send a request to the LANMAN pipe.  The browse list is the list of<br>
the nearest Windows systems of the remote host.</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Solution<br><span class="less grey">n/a</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Risk Factor<br><span class="less grey">None</span></p></div>
<hr xmlns="">
<div xmlns="" class="inner"><p>Other references<br>
<a xmlns="http://www.w3.org/1999/xhtml" href="http://osvdb.org/show/osvdb/300">OSVDB:300</a><br>
</p></div>
<hr xmlns="">
<div xmlns="" class="inner">
Vulnerability publication date: <span class="less grey">2000/01/01</span><br>
Plugin publication date: <span class="less grey">2000/05/09</span><br>
</div>
</div>
<div xmlns="" id="portSpecific">
<a name="172.16.20.89"></a><div xmlns="" id="portSpecific">
</div><table><tbody></table><table>
<tbody><tr><th colspan="2">172.16.20.89</th></tr>
<tr class="odd"><td colspan="2">Scan Time</td></tr>
<tr><td><span class="less">Start time:</span></td>
<td><span class="grey less">Sat May 21 15:09:55 2011</span></td></tr>
<tr><td><span class="less">End time:</span></td>
<td><span class="grey less">Sat May 21 15:14:44 2011</span></td></tr>
<tr><td colspan="2"></tr><tr class="odd"><td colspan="2">Number of vulnerabilities</td></tr><tr><td class="high"><span class="less">High</span></td><td class="high"><span class="less">3</span></td></tr><tr><td class="med"><span class="less">Medium</span></td><td class="med"><span class="less">0</span></td></tr><tr><td class="low"><span class="less">Low</span></td><td class="low"><span class="less">14</span></td></tr><tr><td colspan="2"></tr><tr class="odd"><td colspan="2">Remote Host Information</td></tr><tr><td><span class="less">Operating System:</span></td><td><span class="grey less">Microsoft Windows XP Service Pack 2<br>
Microsoft Windows XP Service Pack 3</span></td></tr><tr><td><span class="less">NetBIOS name:</span></td><td><span class="grey less">IT-42DA1231234</span></td></tr><tr><td><span class="less">MAC address:</span></td><td><span class="grey less">00:0c:29:4e:db:5f</span></td></tr><tr class="odd"><td colspan="2"></tr></tbody></table><a href="https://127.0.0.1:8834/file/xslt/download/?fileName=cb14ad0b19da7c961cd0344c670215c9.html#" class="return">^Back</a><script type="text/javascript">
                                    // add parser through the tablesorter addParser method 
                                        $.tablesorter.addParser({ 
                                                // unique id 
                                                id: 'severity', 
                                                is: function(s) { 
                                                        // return false so parser is not auto detected 
                                                        return false; 
                                                }, 
                                                format: function(s) { 
                                                        // normalization 
                                                        return s.toLowerCase().replace(/high/,'A').replace(/medium/,'B').replace(/low/,'C'); 
                                                }, 
                                                // set type, numeric or text 
                                                type: 'text' 
                                        }); 

                                        $(function() { 
                                                $("#Overview").tablesorter({ 
                                                        headers: { 
                                                                3: { 
                                                                        // alternate sort
                                                                        sorter:'severity' 
                                                                } 
                                                        },
                                                        // keeps alternate row formatting during sorts
                                                        widgets: ['zebra'],
                                                        sortList: [[3,0],[1,1],[2,1]]
                                                }); 
                                        }); 
                                        
                                </script></div></div></div></body></html>